[torqueusers] Authentication on cluster nodes

Mary Ellen Fitzpatrick mfitzpat at bu.edu
Thu Apr 16 11:58:42 MDT 2009


I am having some trouble getting the user authorization working.  
Running torque-2.3.6 on Centos5
The pam README indicates that this module is to be installed on the 
pbs_mom hosts used to authorize users with running jobs.
I installed the torque-package-pam-linux-x86_64.sh package on the 
management node, which is my NIS server and user login nodes.

Which /etc/pam.d/PAM config do I add:   account    sufficient   
pam_pbssimpleauth.so
system-auth-ac?  or  do I create a new pam module for it? 
pam_pbssimpleauth..

Also, does the torque-package-pam-linux-x86_64.sh need to be installed 
on the compute nodes as well.

Thanks
MaryEllen

Garrick Staples wrote:
> On Mon, Mar 23, 2009 at 11:21:03PM +0100, delaplag alleged:
>   
>> 4sure i'm also using it.
>>
>> In fact my question was more : do you need to get every users  
>> available on each nodes. I've seen that there is a pam module which  
>> maybe can fit my request (pam_pbssimpleauth)
>>
>> The final point would be that domain users are only known on submit  
>> nodes and computing nodes are not even talking with AD.
>>     
>
> Yes, users need to be visible on the compute nodes.
>
> How you do that is up to you.  There are lots of reasons for different methods.
> I've used NIS and LDAP in the past.  I currently use flat files.
>
>  
>   
>> Does pam_pbssimpleauth is made for that ? I've a build error, can  
>> someone provide a bit of support for building it?
>>     
>
> pam_pbssimpleauth provides authorization (not authentication or
> identification).  It OK's a login if the user has a job running.  If the
> authenticating user does not have a running job on that node, then the login is
> rejected.
>
> What was your build error?
>
>   

-- 
Thanks
Mary Ellen



More information about the torqueusers mailing list